<?php

    // Created By : Julian Ponce
    // B.S. Computer Science - De La Salle Canlubang
    // September 17, 2011
    // IN parameters : routeId, stepNumber, subRouteId 
    // OUT parameters : List of Attachments.

// Start - Checker for those users who will just go to the page by typing directly in the url.
if ($_POST) {   
    // INCLUDES CONFIGURATION VARIABLES FOR DATABASE ACCESS
    include ("../includes/siteConfig.php");

    // CONNECT TO DATABASE
    $connect = mysql_connect($hostName,$rootName,$dBasePassword) or die ('Unable to connect!');
    mysql_select_db($dBaseName) or die ('Unable to select database!');
    
    // GET VARIABLES VIA POST METHOD
    $routeId = $_POST['routeId'];
    $stepNumber = $_POST['stepNumber'];
    $subRouteId = $_POST['subRouteId'];
    
    // FOR TAGGING
    if ($subRouteId == "NULL") {
        // GET STEP ID FROM RouteStep TABLE BY PLACING THE routeId and stepNumber
        $query = 
            "
                SELECT stepId
                FROM RouteStep 
                WHERE routeId = '$routeId' AND stepNumber = '$stepNumber' AND subRouteId IS NULL
            ";

        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
    }
    
    else {
        // GET STEP ID FROM RouteStep TABLE BY PLACING THE routeId and stepNumber
        $query = 
            "
                SELECT stepId
                FROM RouteStep 
                WHERE routeId = '$routeId' AND stepNumber = '$stepNumber' AND subRouteId = '$subRouteId'
            ";

        $result = mysql_query($query) or die ('Error in query: $query. ' . mysql_error());
    }
    
    
    // SAVE RESULT TO $stepId
    $row = mysql_fetch_array($result);
    $stepId = $row['stepId'];
    mysql_free_result($result);
    
    // QUERY ATTACHMENTS BASED ON STEP ID
    $queryDocumentSetupId = 
        "
            SELECT documentSetupId
            FROM RouteStep_Req_Attachment
            WHERE stepId = '$stepId'
        ";
    
    $result = mysql_query($queryDocumentSetupId) or die ('Error in query: $queryDocumentSetupId. ' . mysql_error());
    

    // Checks if there is an attachment for this stepId
    if (mysql_num_rows($result) > 0) {
        while ($row = mysql_fetch_array($result)) {
            
            $tempDocumentSetupId = $row['documentSetupId'];
            // Gets information/name of the documentSetupId
            $queryDocumentName = 
                "
                    SELECT documentName
                    FROM DocumentSetup
                    WHERE documentSetupId = '$tempDocumentSetupId'
                ";
    
            $documentsResult = mysql_query($queryDocumentName) or die ('Error in query: $queryDocumentName. ' . mysql_error());
            $documentsRow = mysql_fetch_array($documentsResult);
            
            
            $jsondata = array();
            $jsondata['documentSetupId'] = $tempDocumentSetupId;
            $jsondata['documentName'] = $documentsRow['documentName'];
            $feed[] = $jsondata;

        }
        
    }
    else {
        $feed ['documentName'] = "none";
    }
    
    
    echo json_encode($feed);
    mysql_free_result($result);
    mysql_close($connect);
}   // End - Checker for those users who will just go to the page by typing directly in the url.
else {
 echo "You are not authorized to view this page. This incident will be reported immediately.";
}
?>
